package com.abc.xxx.model;

import com.alibaba.fastjson.annotation.JSONField;
import com.baomidou.mybatisplus.annotation.TableField;
import com.baomidou.mybatisplus.annotation.TableId;
import com.baomidou.mybatisplus.annotation.TableName;
import io.jsonwebtoken.Claims;
import lombok.Getter;
import lombok.Setter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import java.time.LocalDateTime;
import java.util.*;

@Getter
@Setter
@TableName("t_user")
public class User implements UserDetails {

    @TableId
    private Integer id;
    private String name;
    private String nick;
    @JSONField(serialize = false)
    private String pwd;
    private Boolean root;
    private String phone;
    private Integer roleId;
    private Integer creatorId;
    private Integer deptId;
    private LocalDateTime created;
    private LocalDateTime updated;

    // dataScope、roleName、deptNam是这样查出来的：
    // UserDetailsServiceImpl.loadUserByUsername()
    // --> UserService.findUserByName() --> UserServiceImpl.findUserByName()
    @TableField(exist = false)
    private Integer dataScope;
    @TableField(exist = false)
    private String roleName;
    @TableField(exist = false)
    private String deptName;

    // accessibleDepts是用户登录验证成功后签发jwt token时查出来的：
    // LoginFilter.successHandler()回调 --> roleService.findUserAccessibleDepts()
    @TableField(exist = false)
    private List<Integer> accessibleDepts = new ArrayList<>(32);


    @JSONField(serialize = false)
    @Override
    public Collection<? extends GrantedAuthority> getAuthorities() {
        ArrayList<GrantedAuthority> list = new ArrayList<>();
        list.add(new SimpleGrantedAuthority(roleName));
        return list;
    }

    @Override
    public String getPassword() {
        return this.pwd;
    }

    @Override
    public String getUsername() {
        return this.name;
    }

    @Override
    public boolean isAccountNonExpired() {
        return true;
    }

    @Override
    public boolean isAccountNonLocked() {
        return true;
    }

    @Override
    public boolean isCredentialsNonExpired() {
        return true;
    }

    @Override
    public boolean isEnabled() {
        return true;
    }

    /**
     * 是否超级管理员
     */
    public boolean root() {
        return this.root != null && this.root;
    }

    /**
     * 是否非超级管理员
     */
    public boolean isNotRoot() {
        return !this.root();
    }

    /**
     * 获取用于生成jwt token的用户信息
     */
    @JSONField(serialize = false)
    public Map<String, Object> getJwtData() {
        Map<String, Object> data = new HashMap<>();
        data.put("id", id);
        data.put("root", root);
        data.put("roleId", deptId);
        data.put("roleName", roleName);
        data.put("deptId", deptId);
        data.put("dataScope", dataScope);
        data.put("accessibleDepts", accessibleDepts);
        return data;
    }

    /**
     * 从jwt token中提取用户信息
     */
    public void parseJwtData(Claims body) {
        this.setName(body.getSubject());
        this.setId(body.get("id", Integer.class));
        this.setRoot(body.get("root", Boolean.class));
        this.setRoleId(body.get("roleId", Integer.class));
        this.setRoleName(body.get("roleName", String.class));
        this.setDeptId(body.get("deptId", Integer.class));
        this.setDataScope(body.get("dataScope", Integer.class));
        this.setAccessibleDepts(body.get("accessibleDepts", List.class));
    }


}
